EP4235417A1 - Gestionnaire de synchronisation pour contrôleur à haute disponibilité - Google Patents

Gestionnaire de synchronisation pour contrôleur à haute disponibilité Download PDF

Info

Publication number
EP4235417A1
EP4235417A1 EP22188367.1A EP22188367A EP4235417A1 EP 4235417 A1 EP4235417 A1 EP 4235417A1 EP 22188367 A EP22188367 A EP 22188367A EP 4235417 A1 EP4235417 A1 EP 4235417A1
Authority
EP
European Patent Office
Prior art keywords
controller
synchronization
state
application task
executing
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
EP22188367.1A
Other languages
German (de)
English (en)
Inventor
Subodh Mujumdar
Vishnuvardhan Rao Dasari
Vishal Sawarkar
Krishnamohan Botsa
Shahid Ansari
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Schneider Electric Systems USA Inc
Original Assignee
Schneider Electric Systems USA Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Schneider Electric Systems USA Inc filed Critical Schneider Electric Systems USA Inc
Publication of EP4235417A1 publication Critical patent/EP4235417A1/fr
Pending legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/46Multiprogramming arrangements
    • G06F9/52Program synchronisation; Mutual exclusion, e.g. by means of semaphores
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00Error detection; Error correction; Monitoring
    • G06F11/07Responding to the occurrence of a fault, e.g. fault tolerance
    • G06F11/16Error detection or correction of the data by redundancy in hardware
    • G06F11/1658Data re-synchronization of a redundant component, or initial sync of replacement, additional or spare unit
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00Error detection; Error correction; Monitoring
    • G06F11/07Responding to the occurrence of a fault, e.g. fault tolerance
    • G06F11/16Error detection or correction of the data by redundancy in hardware
    • G06F11/20Error detection or correction of the data by redundancy in hardware using active fault-masking, e.g. by switching out faulty elements or by switching in spare elements
    • G06F11/2002Error detection or correction of the data by redundancy in hardware using active fault-masking, e.g. by switching out faulty elements or by switching in spare elements where interconnections or communication control functionality are redundant
    • G06F11/2005Error detection or correction of the data by redundancy in hardware using active fault-masking, e.g. by switching out faulty elements or by switching in spare elements where interconnections or communication control functionality are redundant using redundant communication controllers
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00Error detection; Error correction; Monitoring
    • G06F11/07Responding to the occurrence of a fault, e.g. fault tolerance
    • G06F11/16Error detection or correction of the data by redundancy in hardware
    • G06F11/20Error detection or correction of the data by redundancy in hardware using active fault-masking, e.g. by switching out faulty elements or by switching in spare elements
    • G06F11/202Error detection or correction of the data by redundancy in hardware using active fault-masking, e.g. by switching out faulty elements or by switching in spare elements where processing functionality is redundant
    • G06F11/2038Error detection or correction of the data by redundancy in hardware using active fault-masking, e.g. by switching out faulty elements or by switching in spare elements where processing functionality is redundant with a single idle spare processing component
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00Error detection; Error correction; Monitoring
    • G06F11/07Responding to the occurrence of a fault, e.g. fault tolerance
    • G06F11/16Error detection or correction of the data by redundancy in hardware
    • G06F11/20Error detection or correction of the data by redundancy in hardware using active fault-masking, e.g. by switching out faulty elements or by switching in spare elements
    • G06F11/2097Error detection or correction of the data by redundancy in hardware using active fault-masking, e.g. by switching out faulty elements or by switching in spare elements maintaining the standby controller/processing unit updated
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/46Multiprogramming arrangements
    • G06F9/48Program initiating; Program switching, e.g. by interrupt
    • G06F9/4806Task transfer initiation or dispatching
    • G06F9/4843Task transfer initiation or dispatching by program, e.g. task dispatcher, supervisor, operating system
    • G06F9/4881Scheduling strategies for dispatcher, e.g. round robin, multi-level priority queues
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/46Multiprogramming arrangements
    • G06F9/54Interprogram communication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/46Multiprogramming arrangements
    • G06F9/54Interprogram communication
    • G06F9/546Message passing systems or structures, e.g. queues
    • GPHYSICS
    • G05CONTROLLING; REGULATING
    • G05BCONTROL OR REGULATING SYSTEMS IN GENERAL; FUNCTIONAL ELEMENTS OF SUCH SYSTEMS; MONITORING OR TESTING ARRANGEMENTS FOR SUCH SYSTEMS OR ELEMENTS
    • G05B9/00Safety arrangements
    • G05B9/02Safety arrangements electric
    • G05B9/03Safety arrangements electric with multiple-channel loop, i.e. redundant control systems
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2209/00Indexing scheme relating to G06F9/00
    • G06F2209/52Indexing scheme relating to G06F9/52
    • G06F2209/522Manager

Definitions

  • Creating a high availability scheme for a controller typically requires dedicated hardware interfaces.
  • conventional high availability schemes are platform- and application-specific, which increases the overall product cost.
  • the electrical controller must maintain the high availability requirements of the DCS to be used as a native citizen.
  • Such a controller should be capable of obtaining data from the various low voltage (LV) and medium voltage (MV) devices supporting the open standard communication protocols and serving this data to the DCS using its proprietary communication protocols.
  • Conventional high availability schemes are limited to specific platforms and/or applications and are unable to provide high availability across different domains.
  • aspects of the present disclosure provide a high availability controller through the use of an application programming interface for state and data synchronization between the power and process domains. For instance, aspects of the present disclosure permit retrofitting an existing simplex electrical controller design to make it highly available using a dedicated communication channel for synchronization.
  • the interface can be used by any controller that has spare communication interfaces for synchronization. In other words, hardware modifications in the existing controller are not required to achieve high availability of operations.
  • a method of synchronizing one or more application tasks executing on an active controller and on a standby controller includes identifying an application task executing on the active controller and the standby controller capable of synchronization and defining, for the application task, one or more synchronization points at which execution of the application task is to be synchronized.
  • the method also includes synchronizing execution of the application task on the active controller and the standby controller at each of the synchronization points, determining a first state of execution of the application task executing on the active controller at the synchronization points, and transmitting the first state from the active controller to the standby controller via a communications channel established between the controllers.
  • the method further includes verifying a successful synchronization of the application task on the active controller and the standby controller based on a comparison of the first state with a second state of execution of the application task executing on the standby controller at the synchronization points.
  • a system comprises a first controller and a second controller.
  • the first controller executes an application task having one or more defined synchronization points at which execution of the application task is to be synchronized.
  • the second controller executes the application task having the same one or more defined synchronization points as the application task executing on the first controller.
  • the first controller further executes a synchronization manager interface for determining a first state of execution of the application task executing on the first controller at the synchronization points and the second controller further executes the synchronization manager interface for determining a second state of execution of the application task executing on the second controller at the synchronization points.
  • the synchronization manager interface when executed, configures the first controller to transmit the first state from the first controller to the second controller via a communications channel established between the controllers for verifying a successful synchronization of the application task on the first controller and the second controller based on a comparison of the first state with the second state.
  • the power system 102 comprises electrical equipment control and monitoring system (ECMS) operations indicated at 106.
  • the ECMS operations 106 include, for instance, at least one human-machine interface (HMI) and at least one database containing archived ECMS data for automating electrical substation control, maintaining stable generating conditions, and the like.
  • HMI human-machine interface
  • database containing archived ECMS data for automating electrical substation control, maintaining stable generating conditions, and the like.
  • LV low voltage
  • MV medium voltage
  • IEDs intelligent electronic devices
  • ECMS solutions 112 including, for example, intelligent Fast Load Shed (iFLS) protection 114 and a Generation Management System (GMS) 116.
  • One or more electrical controllers 120 of power system 102 provide functionality for data acquisition, display, history collection, alarming, reporting, etc.
  • the controller 120 is configured for obtaining data from the various LV and MV devices.
  • communications within power system 102 are in accordance with an IEC 61850 network, indicated at 122.
  • IEC 61850 defines a standard for the design of electrical substation automation systems and applications, including a communication protocol.
  • each logical device such as each IED 110
  • each IED 110 is a logical node on the IEC 61850 network 122 representing a functional capability of the logical device.
  • the electrical controller 120 of power system 102 is a node on IEC 61850 network 122.
  • the process system 104 of FIG. 1 comprises process and electrical substation operations indicated at 126.
  • the operations 126 include, for instance, at least one HMI, at least one database containing alarms and events, at least one historian, and the like.
  • the process system 104 also includes at least one safety controller 128 connected to one or more safety control devices 130 and at least one processor controller 132 connected to one or more process control devices 134.
  • one or more electrical controllers 120 of process system 102 provide functionality for data acquisition, display, history collection, alarming, reporting, etc. with respect to a low voltage motor control center (MCC) 136 or the like.
  • MCC motor control center
  • process system 102 are coupled in accordance with a distributed control system (DCS) MESH network, indicated at 138.
  • DCS distributed control system
  • electrical controller 120 of process system 104 is a node on MESH network 138 and maintains the high availability requirements of the DCS.
  • one or more application tasks executing on the electrical controller 120 of power system 102 and executing on the electrical controller 120 of process system 104 are synchronized via a dedicated communication channel 140.
  • creating a high availability scheme for a controller typically requires dedicated hardware interfaces and is platform- and application-specific.
  • the electrical controller 120 is capable of satisfying the high availability requirements of the DCS as well as capable of bringing the data from power system 102 to process system 104.
  • controller 120 can receive data from the various LV and MV devices supporting the open standard communication protocols and serve the data to the DCS using its proprietary communication protocols.
  • FIG. 2 is a block diagram illustrating an embodiment of a synchronization process.
  • a high availability mechanism referred to as Synch Manager 202A, 202B is defined to synchronize the functioning of two controllers 120A, 120B configured as Active (or Hot) and Standby, respectively.
  • the Synch Manager 202A executes on controller 120A of, for example, process system 104
  • Synch Manager 202B executes on controller 120B of, for example, power system 102, or vice versa.
  • Both controllers 120A, 120B are power (electrical) controllers, one is Active and the other Standby.
  • the same controller can work on the two networks (power and process) resulting in exchange of data and commands between the two networks.
  • This abstract mechanism provides one or more application programming interfaces (APIs) for synchronizing the functioning of one or more application tasks 204A, 206A executing on controller 120A and corresponding application tasks 204B, 206B executing on controller 120B. It is to be understood that a synchronization manager interface such as Synch Manager 202A, 202B synchronizes any number of one or more application tasks.
  • APIs application programming interfaces
  • the Synch Manager 202A, 202B ensures that the application tasks 204A, 204B are executed in synch and the application tasks 206A, 206B are executed in synch, while the details of the synchronization are handled by the application tasks themselves. Synchronization is achieved by means of synchronization points (also referred to as Synch Points), which are the points of execution of application tasks 204A, 204B and 206A, 206B that ensure synchronous execution of the tasks.
  • the synchronization points are defined for the same domain (power / process) controller application tasks.
  • the two controllers which constitute a Hot /-Standby pair, run the same applications (same configuration and firmware) and hence the application tasks are the same across the two peer controllers.
  • Synch Manager 202A, 202B ensure synchronization of application "State" and "Data.”
  • Synch Manager 202A, 202B transmits a first state to the same domain (power / process) controller, running the same application (configuration and firmware). These APIs report "Success” or “Failure” or "Timeout” of the synch operation.
  • the application tasks 204A, 204B and 206A, 206B determine actions to be taken post-synchronization. Due to the application agnostic nature of the synch APIs, any application task in controller 120 can use them and build its own synchronization mechanism based on the application-specific functions. For this reason, Synch Manager 202A, 202B can be used by any controller 120 that has spare communication interfaces for synchronization.
  • no hardware modifications are required in the existing controller 120 to achieve high availability of operations.
  • aspects of the present disclosure provide a high availability scheme defining an abstract synchronization scheme that is both platform and application agnostic.
  • This scheme allows a simplex controller to be converted to Hot / Standby pair of controllers 120A, 120B without requiring any hardware modifications. It can work on the existing communication interfaces (e.g., lower bandwidth (as low as 2.5 MBPS)) and is agnostic with respect to communication technology. This is achieved by minimizing on the data throughput for the synchronization.
  • the overall efficiency of the controller operation is also increased in the redundant pair configuration by defining loosely coupled controllers.
  • aspects of the present disclosure provide a controller capable of high availability of: control applications; controller online configuration and diagnostics; alarms; Sequence of Events (SOEs); data distribution commands communication; network channel (network communication); data acquisition and control (e.g., Modbus, IEC 61850, and hard-wired input/output); and the like.
  • SOEs Sequence of Events
  • data distribution commands communication e.g., network channel communication
  • data acquisition and control e.g., Modbus, IEC 61850, and hard-wired input/output
  • the Synch Manager 202A, 202B provides an application agnostic synchronization mechanism for synchronization of application tasks 204A, 204B and 206A, 206B.
  • This abstract mechanism defines the application interface for state and data synchronization whereas application-specific synchronization is defined by the application tasks themselves.
  • the two nodes on their respective networks, Active and Standby, run concurrently for the data they can receive independently and share the data that is only available to the Active node, i.e., controller 120A. Low data throughput for synchronization shares only minimal data for application synchronization.
  • Synch Manager 202A, 202B defines Synch Points, which are the execution statements to be synchronized in the application tasks 204A, 204B and 206A, 206B and exchanges synch messages.
  • the Synch Manager 202A, 202B reports Synch Success, Synch Failure / Timeout to the respective application task 204A, 204B, 206A, 206B.
  • application task 204A, 204B, 206A, 206B defines any synchronization action post-synch feedback.
  • each node periodically checks for the presence of its peer node, and determines the role of the node as either Active or Standby. If the peer node is lost, it needs to be recovered once it is back online. In this instance, the database is shared with the peer and resynchronization is established following the recovery.
  • FIG. 3 illustrates an example message format communicated between controller 120A and controller 120B via communication channel 140 in accordance with aspects of the present disclosure.
  • communications on the communication channel 140 use a networking communication protocol, such as Arcnet, but can use Ethernet or another networking technology.
  • the message consists of the Synch Points between the two nodes and preferably includes: Message ID; Message Length; Task Code; Sync Point ID; Sequence Number; User Data Size; and User Data Bytes.
  • FIG. 4 is a block diagram illustrating an embodiment of a synchronization process architecture including further aspects of the present disclosure.
  • application tasks 204A, 206A update a SynchState Message into a Transmit State Table 402A at 404.
  • Synch Manager 202A periodically reads the Transmit State Table 402A.
  • Synch Manager 202B periodically reads a corresponding Transmit State Table 402B at 406.
  • Synch Manager 202A sends the new messages to the peer Synch Manager 202B via communication channel 140, or vice versa.
  • the Synch Manager 202B receives the messages from its peer at 410 and updates a Receive State Table 412B.
  • Synch Manager 202A receives the messages from its peer at 410 and updates a corresponding Receive State Table 412A. Proceeding to 414, Synch Manager 202A compares the respective entries in both the tables 412A, 412B and informs the application tasks 204A, 206A of the result of synchronization. In the event the Active and Standby roles are reversed, at 414, Synch Manager 202B compares the respective entries in both the tables 412A, 412B and informs the application tasks 204B, 206B of the result of synchronization.
  • FIGS. 5A and 5B illustrate two types of Synch State messages defined by Synch Manager 202A, 202B according to an embodiment of the present disclosure.
  • a one shot synch message is used for synchronous execution of application tasks 204A, 204B.
  • a periodic synch message is used to ensure synchronous state (application-specific data) of application tasks 204A, 204B.
  • the Active node e.g., controller 120A
  • the Active node sends periodic synch messages and expects the response from the Standby node (e.g., controller 120B).
  • the result of synchronization is sent to the application tasks 204A, 204B to allow them to plan the next steps that will ensure the synchronous execution.
  • FIG. 6 is a block diagram illustrating an embodiment of a synchronization process architecture including further aspects of the present disclosure providing synchronization of alarms, SOE, and data distribution commands.
  • the Synch Manager synchronizes an alarm message server and data distribution commands server application tasks in controller 120. Examples of other application tasks include: system initialize, application processor, scanner, message processor, import, and Optonet Rx.
  • the data distribution commands server sends the number of data distribution commands received every 500 millisecond interval, for example.
  • the data distribution command counts are checked for synchronization.
  • a Hot recovery is initiated. Hot recovery consists of sending the batch of commands that failed to synchronize.
  • the alarm message server in this example sends the alarms and SOE count transmitted every 500 millisecond interval.
  • the Standby node adjusts its circular buffers based on the count received. In case of recovery / resynchronization of the Standby node, the data distribution commands database and the alarms / SOE database are transferred. Post-recovery, the synchronization is resumed.
  • Synch Manager 202A, 202B is application and platform agnostic. For this reason, it can retrofit to an existing simplex controller design to make it highly available (using a dedicated communication channel for synchronization) and provides a scalable framework to which application tasks can be added for synchronization without impacting the existing synchronization.
  • the Synch Manager 202A, 202B further provides an extensible framework that works with other mechanisms of synchronization in order to build a customized synchronization mechanism.
  • Synch Manager 202A, 202B works with Supervisory Control and Data Acquisition (SCADA) remote terminal unit (RTU) database synch mechanisms such as Hot Data Exchange Protocol (HDEP).
  • SCADA Supervisory Control and Data Acquisition
  • RTU remote terminal unit
  • HDEP Hot Data Exchange Protocol
  • an example Synch Manager high available architecture is shown for an Active, or main, electrical controller 120A and a Standby, or backup, electrical controller 120B.
  • Embodiments of the present disclosure may comprise a special purpose computer including a variety of computer hardware, as described in greater detail herein.
  • programs and other executable program components may be shown as discrete blocks. It is recognized, however, that such programs and components reside at various times in different storage components of a computing device, and are executed by a data processor(s) of the device.
  • computing system environment is not intended to suggest any limitation as to the scope of use or functionality of any aspect of the invention.
  • computing system environment should not be interpreted as having any dependency or requirement relating to any one or combination of components illustrated in the example operating environment.
  • Examples of computing systems, environments, and/or configurations that may be suitable for use with aspects of the invention include, but are not limited to, personal computers, server computers, hand-held or laptop devices, multiprocessor systems, microprocessor-based systems, set top boxes, programmable consumer electronics, mobile telephones, network PCs, minicomputers, mainframe computers, distributed computing environments that include any of the above systems or devices, and the like.
  • Embodiments of the aspects of the present disclosure may be described in the general context of data and/or processor-executable instructions, such as program modules, stored one or more tangible, non-transitory storage media and executed by one or more processors or other devices.
  • program modules include, but are not limited to, routines, programs, objects, components, and data structures that perform particular tasks or implement particular abstract data types.
  • aspects of the present disclosure may also be practiced in distributed computing environments where tasks are performed by remote processing devices that are linked through a communications network.
  • program modules may be located in both local and remote storage media including memory storage devices.
  • processors, computers and/or servers may execute the processor-executable instructions (e.g., software, firmware, and/or hardware) such as those illustrated herein to implement aspects of the invention.
  • processor-executable instructions e.g., software, firmware, and/or hardware
  • Embodiments may be implemented with processor-executable instructions.
  • the processor-executable instructions may be organized into one or more processor-executable components or modules on a tangible processor readable storage medium.
  • embodiments may be implemented with any number and organization of such components or modules.
  • aspects of the present disclosure are not limited to the specific processor-executable instructions or the specific components or modules illustrated in the figures and described herein.
  • Other embodiments may include different processor-executable instructions or components having more or less functionality than illustrated and described herein.
  • the invention also relates to a synchronization manager interface determining a first state of execution of an application task executing on a first controller at defined synchronization points and further determining a second state of execution of the application task executing on a second controller at the defined synchronization points.
  • the synchronization manager interface when executed, configures the first controller to transmit the first state from the first controller to the second controller via a communications channel established between the controllers for verifying a successful synchronization of the application task on the controllers based on a comparison of the first state with the second state.

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Quality & Reliability (AREA)
  • Hardware Redundancy (AREA)
EP22188367.1A 2022-02-24 2022-08-02 Gestionnaire de synchronisation pour contrôleur à haute disponibilité Pending EP4235417A1 (fr)

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
US17/679,744 US20230267016A1 (en) 2022-02-24 2022-02-24 Synch manager for high availability controller

Publications (1)

Publication Number Publication Date
EP4235417A1 true EP4235417A1 (fr) 2023-08-30

Family

ID=83232782

Family Applications (1)

Application Number Title Priority Date Filing Date
EP22188367.1A Pending EP4235417A1 (fr) 2022-02-24 2022-08-02 Gestionnaire de synchronisation pour contrôleur à haute disponibilité

Country Status (4)

Country Link
US (1) US20230267016A1 (fr)
EP (1) EP4235417A1 (fr)
CN (1) CN116701002A (fr)
CA (1) CA3168257A1 (fr)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20230322245A1 (en) * 2022-04-11 2023-10-12 Bendix Commercial Vehicle Systems Llc System and method of enabling a user to retrofit a vehicle with at least one vehicle product

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20060056285A1 (en) * 2004-09-16 2006-03-16 Krajewski John J Iii Configuring redundancy in a supervisory process control system
US20140237328A1 (en) * 2011-02-16 2014-08-21 Invensys Systems, Inc. System and method for fault tolerant computing using generic hardware

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8448162B2 (en) * 2005-12-28 2013-05-21 Foundry Networks, Llc Hitless software upgrades
US8769155B2 (en) * 2010-03-19 2014-07-01 Brocade Communications Systems, Inc. Techniques for synchronizing application object instances

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20060056285A1 (en) * 2004-09-16 2006-03-16 Krajewski John J Iii Configuring redundancy in a supervisory process control system
US20140237328A1 (en) * 2011-02-16 2014-08-21 Invensys Systems, Inc. System and method for fault tolerant computing using generic hardware

Also Published As

Publication number Publication date
CA3168257A1 (fr) 2023-08-24
US20230267016A1 (en) 2023-08-24
CN116701002A (zh) 2023-09-05

Similar Documents

Publication Publication Date Title
US6138049A (en) System and methods for generating and distributing alarm and event notifications
EP4235417A1 (fr) Gestionnaire de synchronisation pour contrôleur à haute disponibilité
CN105095008A (zh) 一种适用于集群系统的分布式任务故障冗余方法
CN106649711A (zh) 基于Redis实时数据库的分布式前置采集系统
CN106411574B (zh) 一种管理控制方法和装置
CN116699964A (zh) 一种工业过程控制器冗余运行方法和系统
CN103441878A (zh) Vcf网络中pe设备的归属处理方法及设备
CN103634141A (zh) 一种刀片服务器管理网络对称式恢复方法
Györgyi et al. In-network solution for network traffic reduction in industrial data communication
CN111083074A (zh) 主备双ospf状态机的高可用性方法和系统
CN112787868B (zh) 一种信息同步的方法和装置
CN116302691A (zh) 容灾方法、装置以及系统
CN113721593B (zh) 一种优化备份功能的综合航电系统
EP3232646B1 (fr) Appareil de relais de transmissionde données dans un système scada
Kurtz et al. Advanced controller resiliency in software-defined networking enabled critical infrastructure communications
US10394671B2 (en) Fault-tolerant, serviceable automation system
US20240249372A1 (en) Unified dynamic controller for power and process applications
EP4404008A1 (fr) Contrôleur dynamique unifié pour applications de puissance et de processus
CN118377270A (zh) 用于电力和过程应用的统一动态控制器
CN112364099B (zh) 高可用的作业运行系统及方法
CN113162778B (zh) 一种用于高速工业以太网主站冗余的方法
CN116781476B (zh) 一种节点型边缘计算系统
CN115277375A (zh) 一种主备服务器的切换方法、系统、设备及存储介质
RU2679739C1 (ru) Система автоматизации с динамической функциональной архитектурой
CN118433014A (zh) 应用于框式设备的可靠性传输方法及装置

Legal Events

Date Code Title Description
PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE APPLICATION HAS BEEN PUBLISHED

AK Designated contracting states

Kind code of ref document: A1

Designated state(s): AL AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO RS SE SI SK SM TR

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: REQUEST FOR EXAMINATION WAS MADE

17P Request for examination filed

Effective date: 20240229

RBV Designated contracting states (corrected)

Designated state(s): AL AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO RS SE SI SK SM TR